Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/CjROm04cTJ-RsR09ic85jhTe8Zs.roa
File:                     CjROm04cTJ-RsR09ic85jhTe8Zs.roa (raw, json)
Hash identifier:          mBcs7u84uq3VP7iS8RpYGj1JH27JTHmABF6pWc3Hoh8=
Subject key identifier:   0A:34:4E:9B:4E:1C:4C:9F:91:B1:1D:3D:89:CF:39:8E:14:DE:F1:9B
Certificate issuer:       /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial:       018A938792D8B674E591457B47B7F6A871D1
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/CjROm04cTJ-RsR09ic85jhTe8Zs.roa
Signing time:             Thu 14 Sep 2023 11:50:50 +0000
ROA not before:           Thu 14 Sep 2023 11:50:50 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     9009
IP address blocks:        81.181.68.0/23 maxlen: 24
                          194.102.36.0/22 maxlen: 24
                          81.181.72.0/23 maxlen: 24
                          217.156.16.0/23 maxlen: 24
                          80.97.40.0/21 maxlen: 24
                          81.181.104.0/21 maxlen: 24
                          85.122.120.0/22 maxlen: 22
                          85.122.124.0/22 maxlen: 24
                          217.156.48.0/22 maxlen: 24
                          81.181.14.0/23 maxlen: 24
                          81.181.26.0/23 maxlen: 24
                          194.102.148.0/23 maxlen: 24
                          194.102.160.0/23 maxlen: 24
                          85.121.48.0/21 maxlen: 24
                          194.102.174.0/23 maxlen: 24
                          194.102.180.0/22 maxlen: 24
                          85.120.224.0/21 maxlen: 24
                          80.97.96.0/23 maxlen: 24
                          217.156.94.0/23 maxlen: 24
                          80.96.54.0/23 maxlen: 24
                          80.96.102.0/23 maxlen: 24
                          85.121.168.0/22 maxlen: 24
                          194.102.224.0/22 maxlen: 24
                          80.96.44.0/23 maxlen: 24
                          81.180.98.0/23 maxlen: 24
                          85.121.232.0/21 maxlen: 24
                          194.105.12.0/22 maxlen: 24
                          194.153.230.0/23 maxlen: 24
                          81.180.228.0/23 maxlen: 24
                          194.153.244.0/23 maxlen: 24
                          85.120.84.0/23 maxlen: 24
                          81.180.254.0/23 maxlen: 24
                          81.180.174.0/23 maxlen: 24
                          85.121.208.0/21 maxlen: 24
                          80.96.156.0/22 maxlen: 24
                          194.153.225.0/24 maxlen: 24
                          193.226.76.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Mon 01 Jan 2024 18:30:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8a:93:87:92:d8:b6:74:e5:91:45:7b:47:b7:f6:a8:71:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
        Validity
            Not Before: Sep 14 11:50:50 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0a344e9b4e1c4c9f91b11d3d89cf398e14def19b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:97:33:c3:cf:c4:c0:07:db:f6:52:8c:0f:b3:
                    9c:ef:00:b3:24:cd:8d:71:eb:8d:65:8b:ab:a4:69:
                    e1:46:31:a1:c3:7a:3b:ce:c6:b3:6c:22:10:29:29:
                    be:f8:6a:9e:93:38:7a:7e:ef:d3:79:0d:c7:6b:74:
                    77:4d:35:65:03:91:c1:fc:0b:b5:ed:85:52:30:d0:
                    fe:ac:8e:03:45:5e:21:f5:95:25:1f:93:95:1d:b3:
                    7a:39:e5:0c:b6:a5:1c:ce:13:08:84:6d:d9:ac:12:
                    0c:bc:f4:5f:5f:c7:ee:6e:ac:b7:83:27:d1:6a:0e:
                    01:89:8d:1c:f4:7b:14:18:95:24:e5:45:41:46:6d:
                    f1:19:24:64:b7:5b:f3:0d:20:a1:c3:d0:29:c3:71:
                    2b:47:fb:d8:47:cd:fa:7c:3b:e6:c0:8a:98:a3:0c:
                    4d:57:88:64:4c:77:85:a9:b4:cd:c4:de:53:c9:b9:
                    56:61:20:72:0f:ea:1c:20:e5:01:94:c6:50:16:8b:
                    5c:b8:9d:ed:18:2d:7d:86:32:45:96:67:33:b8:28:
                    8e:bd:d5:71:8a:f7:ae:09:e4:72:28:5f:bf:38:75:
                    67:e5:c2:4e:63:75:30:57:8a:56:9e:25:d6:68:21:
                    22:1b:01:ab:4a:38:2a:d1:24:78:a8:6d:d7:80:41:
                    6d:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:34:4E:9B:4E:1C:4C:9F:91:B1:1D:3D:89:CF:39:8E:14:DE:F1:9B
            X509v3 Authority Key Identifier:
                keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/CjROm04cTJ-RsR09ic85jhTe8Zs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  80.96.44.0/23
                  80.96.54.0/23
                  80.96.102.0/23
                  80.96.156.0/22
                  80.97.40.0/21
                  80.97.96.0/23
                  81.180.98.0/23
                  81.180.174.0/23
                  81.180.228.0/23
                  81.180.254.0/23
                  81.181.14.0/23
                  81.181.26.0/23
                  81.181.68.0/23
                  81.181.72.0/23
                  81.181.104.0/21
                  85.120.84.0/23
                  85.120.224.0/21
                  85.121.48.0/21
                  85.121.168.0/22
                  85.121.208.0/21
                  85.121.232.0/21
                  85.122.120.0/21
                  193.226.76.0/22
                  194.102.36.0/22
                  194.102.148.0/23
                  194.102.160.0/23
                  194.102.174.0/23
                  194.102.180.0/22
                  194.102.224.0/22
                  194.105.12.0/22
                  194.153.225.0/24
                  194.153.230.0/23
                  194.153.244.0/23
                  217.156.16.0/23
                  217.156.48.0/22
                  217.156.94.0/23

    Signature Algorithm: sha256WithRSAEncryption
         05:77:e4:94:b4:c6:ec:e3:3c:88:e8:d8:28:33:a2:98:b8:8b:
         9c:14:f0:a5:49:e8:e3:2a:d3:8b:49:c5:92:06:8c:35:c4:85:
         bc:c3:f6:2d:9c:e1:6d:47:2a:18:08:55:a4:6d:c0:86:53:ee:
         ee:98:09:cf:89:bd:c7:78:0e:05:01:ea:0b:22:25:d7:73:3e:
         be:51:78:c8:c1:95:8b:a0:32:9a:84:fe:fa:88:f7:e5:20:d1:
         6e:90:43:16:48:5b:6e:e8:3c:4c:39:c6:92:d7:db:bb:79:1b:
         eb:60:cf:6c:94:25:a5:92:0b:cd:61:36:db:3a:a0:1c:0b:2d:
         fd:b6:6e:96:32:03:3a:e6:c4:ac:c4:31:99:95:31:9b:9b:84:
         c5:48:85:45:a3:66:30:33:01:db:e6:46:60:d3:ea:5f:36:84:
         61:dc:ca:6e:27:78:55:98:a2:ef:15:2e:de:ed:22:8b:09:ce:
         66:07:3a:e9:df:9d:d6:bd:53:a7:be:8c:c4:d0:d1:92:ab:26:
         62:aa:87:5d:6c:80:d0:a1:ad:d9:53:bb:87:eb:64:f4:31:4e:
         82:43:0c:0a:5c:31:40:15:d3:df:7d:49:0f:fa:cf:9e:f4:72:
         94:d1:ed:0d:72:28:be:f4:e6:94:13:8e:87:98:30:af:d7:22:
         b9:2d:94:85
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAYqTh5LYtnTlkUV7R7f2qHHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwOTE0MTE1MDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTM0NGU5YjRlMWM0YzlmOTFiMTFkM2Q4OWNmMzk4ZTE0ZGVmMTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZczw8/EwAfb9lKMD7Oc7wCzJM2N
ceuNZYurpGnhRjGhw3o7zsazbCIQKSm++Gqekzh6fu/TeQ3Ha3R3TTVlA5HB/Au1
7YVSMND+rI4DRV4h9ZUlH5OVHbN6OeUMtqUczhMIhG3ZrBIMvPRfX8fubqy3gyfR
ag4BiY0c9HsUGJUk5UVBRm3xGSRkt1vzDSChw9Apw3ErR/vYR836fDvmwIqYowxN
V4hkTHeFqbTNxN5TyblWYSByD+ocIOUBlMZQFotcuJ3tGC19hjJFlmczuCiOvdVx
iveuCeRyKF+/OHVn5cJOY3UwV4pWniXWaCEiGwGrSjgq0SR4qG3XgEFtXQIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFAo0TptOHEyfkbEdPYnPOY4U3vGbMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvQ2pST20wNGNUSi1Sc1IwOWljODVqaFRlOFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCB3wQCAAEwgdgDBAFQ
YCwDBAFQYDYDBAFQYGYDBAJQYJwDBANQYSgDBAFQYWADBAFRtGIDBAFRtK4DBAFR
tOQDBAFRtP4DBAFRtQ4DBAFRtRoDBAFRtUQDBAFRtUgDBANRtWgDBAFVeFQDBANV
eOADBANVeTADBAJVeagDBANVedADBANVeegDBANVengDBALB4kwDBALCZiQDBAHC
ZpQDBAHCZqADBAHCZq4DBALCZrQDBALCZuADBALCaQwDBADCmeEDBAHCmeYDBAHC
mfQDBAHZnBADBALZnDADBAHZnF4wDQYJKoZIhvcNAQELBQADggEBAAV35JS0xuzj
PIjo2Cgzopi4i5wU8KVJ6OMq04tJxZIGjDXEhbzD9i2c4W1HKhgIVaRtwIZT7u6Y
Cc+Jvcd4DgUB6gsiJddzPr5ReMjBlYugMpqE/vqI9+Ug0W6QQxZIW27oPEw5xpLX
27t5G+tgz2yUJaWSC81hNts6oBwLLf22bpYyAzrmxKzEMZmVMZubhMVIhUWjZjAz
AdvmRmDT6l82hGHcym4neFWYou8VLt7tIosJzmYHOunfnda9U6e+jMTQ0ZKrJmKq
h11sgNChrdlTu4frZPQxToJDDApcMUAV0999SQ/6z570cpTR7Q1yKL705pQTjoeY
MK/XIrktlIU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:04 2024 by rpki-client on console-ams.rpki-client.org